KDE Kommit rejection - reserved for vetted?

sgmoore · April 12, 2023, 12:56pm

Rejected by Nishit Majithia. “Use of the personal-files interface is reserved for vetted publishers. If your snap legitimately requires this access, please make a request in the forum using the ‘store-requests’ category (https://forum.snapcraft.io/).” — Nishit Majithia

Last I checked KDE is vetted.

This application is a complete git suite for KDE Thanks

@Igor

Igor · April 12, 2023, 1:41pm

@0xnishit KDE is a vetted publisher, and @sgmoore is the KDE dev in charge of their snaps. I guess there was some small omission somewhere in the process.

alexmurray · April 13, 2023, 3:28am

So perhaps the confusion here is the template text used in the rejection - whilst it is reserved for vetted publishers, there still needs to be a process to assess if the use of personal-files is reasonable. That is what the forum is for and so it is still right that we discuss the request here.

@sgmoore can you please detail what access is being requested via personal-files in this case? Pasting of the plug declaration is sufficient. Can you also explain why this is needed? Thanks.

0xnishit · April 13, 2023, 5:25am

@sgmoore, apologies if template text confused you. I found the personal-file interface named gitconfig wants read access on these file

  gitconfig:
    interface: personal-files
    read:
    - $HOME/.gitconfig
    - $HOME/.config/git/config

It would be better if you can explain why the read permission on these files needed?

Thanks

sgmoore · April 13, 2023, 10:35am

kommit is our git suite and it currrently does not work. I don’t think it is unreasonable for git to have read access to the users git configuration.

sgmoore · April 17, 2023, 3:26pm

Did you need anything else? This is a very common approach used by git client snaps.

0xnishit · April 18, 2023, 3:31am

Thanks for the information, having read access on these below files seems reasonable given the nature of this snap.

- $HOME/.gitconfig
- $HOME/.config/git/config

+1 from me for using auto-connect for personal-files interface named gitconfig. Can other @reviewers please vote too?

thanks

roadmr · April 18, 2023, 12:55pm

+1, seems entirely reasonable for kommit as it enables core functionality and it’s from a trusted publisher.

Daniel

emitorino · April 20, 2023, 6:13pm

+1 from me as well for auto-connect personal-files with read access to $HOME/.gitconfig and $HOME/.config/git/config using the iface reference gitconfig since this is clearly required for kommit (Git gui client for KDE) to properly operate. +3 votes for, 0 votes against. This is now live.

@sgmoore can you please either upload a new revision or request a manual review so the changes take effect?

sgmoore · April 21, 2023, 11:52am

Thank you very much. The other two that it doesn’t operate well without is ssh-keys and gpg-keys Can we get an auto-connect on these two?

@Igor

alexmurray · April 22, 2023, 5:47am

@sgmoore can you please explain a bit more how kommit uses ssh-keys and gpg-keys and why these might need to be auto-connected by default? ‘It doesn’t operate well’ is not enough info for me to go on. Thanks.

sgmoore · April 22, 2023, 12:37pm

Of course. So as a KDE developer you must use your ssh keys in order to clone a repo that you can push to. GPG keys verify your identity. This is common with all git platforms ( github, gitlab even launchpad) Thanks for your consideration, Scarlett

alexmurray · April 23, 2023, 2:49pm

Thanks for the updated information @sgmoore - the issue is that these are both quite privileged interfaces but as you say these operations are reasonably common (ie. to use a GPG key to sign a commit or SSH key to access a repo etc) so I am inclined to agree that these should be auto-connected in this case.

Can other @reviewers please weigh-in too?

kyrofa · April 23, 2023, 4:06pm

Without a way for individual users to opt out of auto-connections, I’m very uncomfortable auto-connecting access to SSH and GPG keys (especially the latter). One could compare this to auto-connection to the password manager, which also makes me uncomfortable. I won’t go so far as to cast a -1 vote, but I wanted to share my thoughts.

sgmoore · April 24, 2023, 12:29pm

I understand that.

So my next question is, is there a way to pop a dialog box on first run informing users to please connect these two if you want your stuff to work? As it is, users will grumble and claim it broken. If I get lucky they file bug reports and I can show them the way.

Cheers, Scarlett

alexmurray · April 24, 2023, 12:49pm

You could use snapctl is-connected ssh-keys which returns non-zero if the interface is not connected - and then you could use something like zenity to inform the user.

sgmoore · April 24, 2023, 12:54pm

Alright, I rather agree with @kyrofa and will sort out your suggestion @alexmurray Disregard the request and thanks for your help. Cheers, Scarlett

alexmurray · April 24, 2023, 2:46pm

Ok, no worries - I think that sounds like a good compromise - thanks @sgmoore, I’ll remove the request from our internal queue.